feat: add sops We've previously used SOPS for our secrets management and liked it. We did, however, find the configuration was a bit annoying to do. In aid of this, we've made a SOPS module that we find a little easier to make the sort of configurations we want without creating so much mess. We haven't set up scalpel/equivalent yet - we intend to avoid it if at all possible. It isn't necessarily out-of-scope but it isn't included in our current SOPS plans. Change-Id: I35b9c7e94c12a4f1360833026efe06803d59626e Reviewed-on: https://git.clicks.codes/c/Infra/NixFiles/+/725 Reviewed-by: Samuel Shuert <coded@clicks.codes> Tested-by: Samuel Shuert <coded@clicks.codes>

commit: 82ea805ff6f1bffc2638cc9f68af5cca7f216e36 [log] [tgz]
author: Skyler Grey <minion@clicks.codes> Sat Jun 08 22:56:00 2024 +0000
committer: Samuel Shuert <coded@clicks.codes> Sun Jun 09 00:40:11 2024 +0000
tree: 85e77e7cbaefa20045e7b6efdac72172dba7e322
parent: d3377400b7bd81cb1d5b62c0463a52438e2330a9 [diff] [blame]
diff --git a/configure.sh b/configure.sh
new file mode 100755
index 0000000..7ff1090
--- /dev/null
+++ b/configure.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# SPDX-FileCopyrightText: 2024 Clicks Codes
+#
+# SPDX-License-Identifier: GPL-3.0-only
+
+nix eval -f .sops.nix --apply "(f: f (builtins.getFlake \"nixpkgs\"))" --json > .sops.yaml # regenerate the "yaml" so you can add secrets
commit	82ea805ff6f1bffc2638cc9f68af5cca7f216e36	[log] [tgz]
author	Skyler Grey <minion@clicks.codes>	Sat Jun 08 22:56:00 2024 +0000
committer	Samuel Shuert <coded@clicks.codes>	Sun Jun 09 00:40:11 2024 +0000
tree	85e77e7cbaefa20045e7b6efdac72172dba7e322
parent	d3377400b7bd81cb1d5b62c0463a52438e2330a9 [diff] [blame]